none
AD RMS Standalone Installation for SharePoint 2013 RRS feed

  • Question

  • Hi,

    I would want to install AD RMS for SharePoint 2013 on a standalone server. Is that possible to have that? Because I want to install on dev environment first before we go to production.  Can anyone please point an article on step by step installation of AD RMS for SharePoint. I tried to install from the articles whatever I got, but I was not successful. Well, Installation shows successful but when I open AD RMS, it cannot connect to cluster or the web site.

    Can you please help me out pointing some good articles?


    Thanks, Hitchs

    Wednesday, August 6, 2014 3:54 PM

All replies

  • Hi Hitchs,

    Yes, you can install ADRMS on a standalone server, however there is no specific version of "ADRMS for SharePoint". What you have to do is to go through ADRMS installation and configuration and once you confirm ADRMS is working fine, you go for integration of ADRMS with SharePoint, which btw is very straight forward task. You can use following resources:

    1. ADRMS deployment (previous version, but the idea is still the same): http://blogs.technet.com/b/amolrb/archive/2009/05/22/step-by-step-guide-to-deploy-rms-server.aspx
    2. Integration with SharePoint: http://www.sharepointindepth.com/integrating-ad-rms-with-sharepoint-2010/ 
    3. Turning ADRMS on for selected SharePoint library (skip directly to "Step 3 - Configure individual Document Libraries with RMS Protection"): http://blogs.catapultsystems.com/IT/archive/2013/11/21/enabling-information-rights-management-in-sharepoint-online-in-3-easy-steps.aspx 

    A few tips you may find helpfull:

    • Make sure you have SCP registered in your domain after ADRMS deployment and ADRMS URL is in LOCAL INTRANET sites in IE
    • ADRMS URL has to have a certificate that is trusted by SharePoint and all your clients (issued by public or internal PKI)
    • It is very important is that you read article before integration with SharePoint and make sure you give required permissions on ServerCertification.asmx file! This is crucial to go step by step as described and not forget about anything (such as checkbox of Include inheritable permissions from this object's parent) before turning ADRMS on SharePoint server and library.

    Good luck!


    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Friday, August 8, 2014 11:28 AM
  • I have configured the AD RMS server on SharePoint server. I'm able to browse that web services. I don't have it registered as SCP in AD. Even if we don't do that, is this supposed to work when I specifically tell the SharePoint to "Use this RMS Server"? When I do that I get this error, any idea what is causing it? As you mentioned, in the third tip, I gave permission to that service.


    Thanks, Hitchs


    • Edited by Hitchs Tuesday, August 12, 2014 7:17 PM
    Tuesday, August 12, 2014 7:16 PM
  • Hi Hitchs,

    For sure such setup is not recommended (RMS and SPS on the same machine). You don't need to register SCP for ADRMS, but yes, then you have to fill in "Use this RMS server:" field. have you tried "https://fqdn_of_RMS_Internal_URL_pipeline" ? This is the URL you see in ADRMS configuration, when you open ADRMS administrative console.


    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Tuesday, August 12, 2014 10:31 PM
  • I have given the URL too, but it throws the same error. It seems like client is not installed properly. Although, I did that client installation for many times, and it is successful though without any errors. When I try to connect to AD RMS from SharePoint, it is always registering these 5823, 5144 events in Event Viewer.

    I really appreciate your time and help. Thanks a lot!!!


    Thanks, Hitchs

    Friday, August 15, 2014 4:10 PM
  • Hi,

    If you do not have SCP registerd in your domain, RMS client will not know how to get to your ADRMS server. Have you setup registry settings that define ADRMS URLs? If not, please follow "To enable client-side ADRMS service discovery using the Windows Registry" section from TechNet article: http://technet.microsoft.com/en-us/library/jj159267(v=ws.10).aspx and let us know if it worked..


    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Saturday, August 16, 2014 5:45 PM
  • I tried that too... but no luck. Here are the events that are being generated each time when I try to connect to AD RMS server from SharePoint. 5144 and 5823

    And the error says:

    5144:

    Information Rights Management (IRM): There was a problem while creating the generic issuance license template.

    All issuance licenses for protected documents are constructed from a generic, base issuance license template.

    Additional Data

    Error value: 0x800704CF

    5823:

    Information Rights Management (IRM): There was a problem while getting the license template issuer list after connecting to the Online RMS server instance. Error value: 0x800704CF.

    Not sure how to take it from there.....I could not even find many articles about this. Please help...

    Monday, August 25, 2014 7:19 PM
  • Are you using Windows 2012 (R2) for ADRMS? What cryptographic mode did you use when configuring ADRMS?

    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Tuesday, August 26, 2014 5:12 PM
  • Windows Server 2012.

    Basic mode(I think that ends with "1" not 2)


    Thanks, Hitchs

    Tuesday, August 26, 2014 6:22 PM
  • Please confirm:

    1. Open ADRMS console.

    2. Right click your ADRMS cluster name

    3. You should see "Change service account", "Delete", "Rename", "Properties" options. Can you also see "Update to Cryptographic Mode 2"?


    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Wednesday, August 27, 2014 6:30 AM
  • Yes, I do see them.

    Thanks a lot for you help! I don't understand AD RMS looks good but when I try to integrate it fails.


    Thanks, Hitchs

    Wednesday, August 27, 2014 2:43 PM
  • Download and run IRMCheck http://blogs.technet.com/b/rmssupp/archive/2011/09/23/new-version-of-irmcheck-now-available.aspx . Maybe it will tell us more on this issue.

    Have you tried to use your ADRMS with Microsoift Office client (Word, Excel)?

    What I also suggest you is to try to go through this thread once again and make sure that everything has been verified and confirmed if it comes to different issue fix ideas.



    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Wednesday, August 27, 2014 4:07 PM
  • Do you have any updates?

    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Sunday, August 31, 2014 3:45 PM
  • Hello,

    I had a similar problem (with 5144 and 5823). For me the solution was to add permissions for both SPFarm account and AppPool account that runs the SP Web App in which we want to use IRM in AD RMS.

    Hope it will help.

    Wednesday, December 3, 2014 3:08 PM
  • Hello,

    just enable inheritancein advanced security setting for file ServerCertification.asmx in RMS Server


    Faisal Shaheen Senior System Administrator EL Sewedy Cables

    Wednesday, April 15, 2015 9:37 AM
  • Hitchs,

    Have you also tried to install AD RMS 2.1 Client on the SP? Do not forget to add the Computer Name and Service Account in the Security tab of ServerCertification.asmx file.


    Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

    Thursday, May 14, 2015 9:16 AM